OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: mark.migliorini on April 11, 2019, 04:34:16 pm

Title: let out anything from firewall host itself - but is false
Post by: mark.migliorini on April 11, 2019, 04:34:16 pm
Hi,

I'm new to OPNsense, and I'm trying to configure a test VM machine.

But I can't do a simple thing.

My configuration is VMware ESX 6.5

VM test OPNsense   LAN 172.22.199.26/24   WAN public IP with its outside gateway
                             route 172.22.201.0/24 using 172.22.199.1 as internal gateway

core switch ( routing )  vlan 199  - 172.22.199.1
                                  vlan 201  - 172.22.201.1
                                  ip route 0.0.0.0  0.0.0.0 172.22.199.26

test PC machine 172.22.201.121/24 with gateway 172.22.201.1


From 172.22.201.121 I can correctly reach 172.22.199.26, but it is impossible to reach the outside internet.
I tried to make all sorts of rules, * * any from any to any etc., specific rules from 172.22.201.0/24 to etc.,
but no way, no internet from OPNsense.

From the firewall log I see this:
   wan   Apr 11 16:31:32 172.22.201.121:59435   217.72.40.21:80   tcp   let out anything from firewall host itself

What am I missing? Normally with Endian or Sophos firewall or Fortigate with a similar configuration I have no problem.


P.S.
Another strange thing:
I made an OpenVPN server config, and I can reach all internal VLANs with no problem.

Thanks, Mark
Title: Re: let out anything from firewall host itself - but is false
Post by: mark.migliorini on April 25, 2019, 11:54:20 pm
No help?
Title: Re: let out anything from firewall host itself - but is false
Post by: 5v3n on April 26, 2019, 08:57:00 am
Sounds like you need to configure a route on "outside" to point to the net behind the OPNsense?
Title: Re: let out anything from firewall host itself - but is false
Post by: hbc on April 26, 2019, 01:30:02 pm
No help?

Missing NAT rule? outside gateway with private ip and block private in opnsense wan? Missing reverse route.

Test PC routes to core 172.22.201.1, core routes everything unknown to OPNsense 172.22.199.26, OPNsense routes everything unknown to outside gateway. Outside gateway seems to have private IP in network 172.22.199.0/24.

So first you must enable RFC1918 networks on opnsense wan and your gateway needs either a reverse route to 172.22.201.0/24 or you must masquerade your internal networks to your opnsense wan ip.
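
An added example, not part of the thread and not OPNsense code: a Python check for the symptom visible in the log line quoted in the first post, a packet leaving the WAN interface with an untranslated RFC1918 source. Because pf applies translation before filtering, such an entry means no outbound NAT rule matched that source. The column layout is assumed from that pasted line, and every sample line except the first is constructed.

```python
import ipaddress
import re

# RFC1918 private ranges; a source in one of these cannot be routed back
# from the internet unless it is translated or the upstream has a route.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumed layout (taken from the line pasted in the thread):
# interface, timestamp, src:port, dst:port, protocol, rule label. IPv4 only.
LINE_RE = re.compile(
    r"^\s*(?P<iface>\S+)\s+\w{3}\s+\d+\s+[\d:]{8}\s+"
    r"(?P<src>[\d.]+):\d+\s+(?P<dst>[\d.]+):\d+\s+\S+\s+(?P<label>.*)$")

# First line is the one from the thread; the rest are constructed samples.
SAMPLE_LOG = """\
wan   Apr 11 16:31:32 172.22.201.121:59435   217.72.40.21:80   tcp   let out anything from firewall host itself
wan   Apr 11 16:31:40 198.51.100.10:40112   217.72.40.21:80   tcp   let out anything from firewall host itself
lan   Apr 11 16:31:41 172.22.201.121:59436   217.72.40.21:80   tcp   constructed LAN pass rule
wan   Apr 11 16:31:45 172.22.199.26:123   172.22.199.1:123   udp   let out anything from firewall host itself
"""


def untranslated_wan_sources(log_text, wan_ifaces=("wan",)):
    """Return (src, dst, label) for WAN entries with a private source and
    a public destination, i.e. traffic that left without outbound NAT."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["iface"] not in wan_ifaces:
            continue  # unparsable line or not a WAN entry
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
        if any(src in net for net in RFC1918) and dst.is_global:
            hits.append((str(src), str(dst), m["label"].strip()))
    return hits


if __name__ == "__main__":
    for src, dst, label in untranslated_wan_sources(SAMPLE_LOG):
        print(f"{src} -> {dst} left WAN untranslated (rule: {label})")
```

Only the thread's own log line is reported; the entry with a translated source, the LAN-side entry and the private-to-private entry are ignored.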